Bitdefender researchers find evidence of viruses infecting worms creating new form of malware

(PhysOrg.com) -- Romania based antivirus software company Softwin, makers of Bitdefender, have announced that they have found multiple instances of computers being infected with worms that have been infected by viruses, creating what they describe as a new Frankenstein piece of malware that should have users all over the world concerned as the new resultant mutant offspring may be more destructive than either alone and more difficult to detect by traditional software programs.

The problem they say, occurs when a computer becomes infected by a virus that has already been infected by a worm. Because worms tend to exist as executable (.exe) files and viruses tend to infect executable files, it’s only a matter of time before a preexisting worm becomes infected with a virus that manages to make its way onto the computer as well. And while the idea of a mutant bit of malware on a computer seems much worse than the traditional fare, thus far, the research team at Bitdefender doesn’t seem to have any evidence backing up its claim that the new double-whammy worm/virus combo is actually any more destructive than either would be alone if both existed as separate entities on the same computer. Although it does seem plausible that such a type of coexistence could allow viruses to spread much more easily through a network than it could were it to go it alone, as worms are generally much better at doing so.

In their announcement, the research team says it found 40,000 instances of the mutated malware out of a sample of ten million files; a hit rate of 0.4 percent. One such instance was the Virtob virus infecting worms such as the Rimecud, a potentially potent combination as Rimecud was designed to steal information such as passwords, and Virtob to create a hacker-controlled back door. Thus the two combined could find private information and then allow a hacker to sneak in and use that information to access private accounts such as for banks or credit cards.

One issue not addressed in the announcement however was the degree of damage to the worm caused by the virus upon attack, the purpose of most viruses after all, is to wreak havoc. If extensive enough, damage to a worm could kill it or make it unable to do its job which would mean no viable mutant malware would result.

Thus far the researchers say, they don’t believe the virus attacks on worms were intentional or planned by makers of either, but it’s clearly not beyond the realm of possibility now that the option has been raised, and if that does occur, it most certainly could pose a very serious threat to computers and networks the world over.

Related Stories

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

(PhysOrg.com) -- The conficker worm created havoc last year when it infected over 10 million computers on a global scale. The unique design of the conficker worm allowed for this large scale attack to over 8 million business ...

(PhysOrg.com) -- Last week the global internet community was hit by the Downadup worm also know as Conficker, or Kido. This worm is now using multiple ways of infecting computers, including USB sticks. If someone were to ...

Just as the flu can spread from human to human, a well-engineered computer virus can transfer from machine to machine--with a bad outbreak affecting tens of thousands, or even millions, of systems. Indeed, in a high-tech ...

Persons infected with schistosomes, and possibly other parasitic worm infections, may be more likely to become infected with HIV than persons without worm infections, according to a study published July 23rd in the open-access ...

On the theory that a driver who knows when a red light will turn green is more relaxed and aware, vehicle manufacturer Audi is unveiling this week in Las Vegas a technology that enables vehicles to "read" traffic signals ...

There you are, cruising down the freeway, listening to some tunes and enjoying the view as your autonomous car zips and swerves through traffic. Then the fun ends and it becomes time take over the wheel. How smooth is that ...

That happened before, years ago, someone created a worm (Welchia) that patched a hole created/used by a different worm (Blaster). As a technician at the time, we still had to disinfect/rebuild computers infected with Welchia because the worm was still a security risk and took up network resources.

This is sort of an interesting phenomenon, as similar things seem to happen in nature, where various pathogens combine and cohabitate, sharing their DNA. It would be neat if these viruses/worms eventually evolved in the wild beyond their initial programming, taking on many different roles/exploits.

I believe a lot of the botnet for sale have this type of capability but usually it is to render the other piece of malware inert so that the botnet software can do it's thing without having to deal with another program making noise to the user or causing the user to fix both issues.

I wish supercat765, I wish someone actually came up with a "good" retrovirus but then they would be as legally liable as any other "bad" malware writer.

Please sign in to add a comment.
Registration is free, and takes less than a minute.
Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.